authentication - Security Ticks

The role of self-sovereign identity in enterprises

1Kosmos, authentication, credentials, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, identity, identity management, News, opinion, regulation / SecurityTicks

The role of self-sovereign identity in enterprises 2024-10-08 at 07:31 By Help Net Security As personal data becomes increasingly commodified and centralized, the need for individuals to reclaim control over their identities has never been more urgent. Meanwhile, traditional identity systems used by enterprises often expose sensitive information to unnecessary risk, leaving both users and […]

React to this headline:

The role of self-sovereign identity in enterprises Read More »

How hybrid workforces are reshaping authentication strategies

authentication, biometrics, cybersecurity, Don't miss, Features, FusionAuth, Hot stuff, identity verification, MFA, News, opinion, SSO / SecurityTicks

How hybrid workforces are reshaping authentication strategies 2024-10-08 at 07:01 By Mirko Zorz In this Help Net Security interview, Brian Pontarelli, CEO at FusionAuth, discusses the evolving authentication challenges posed by the rise of hybrid and remote workforces. He advocates for zero trust strategies, including MFA and behavioral biometrics, to enhance security while maintaining productivity.

React to this headline:

How hybrid workforces are reshaping authentication strategies Read More »

Three hard truths hindering cloud-native detection and response

authentication, cloud computing, cloud security, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, Sweet Security / SecurityTicks

Three hard truths hindering cloud-native detection and response 2024-10-03 at 08:01 By Help Net Security According to Gartner, the market for cloud computing services is expected to reach $675 billion in 2024. Companies are shifting from testing the waters of cloud computing to making substantive investments in cloud-native IT, and attackers are shifting with them.

React to this headline:

Three hard truths hindering cloud-native detection and response Read More »

15% of office workers use unsanctioned GenAI tools

access control, authentication, cybersecurity, generative AI, Ivanti, News, remote working, report, strategy, survey / SecurityTicks

15% of office workers use unsanctioned GenAI tools 2024-10-03 at 06:31 By Help Net Security Rigid security protocols — such as complex authentication processes and highly restrictive access controls — can frustrate employees, slow productivity and lead to unsafe workarounds, according to Ivanti. Understanding workplace behavior key to strengthening security In fact, one in two

React to this headline:

15% of office workers use unsanctioned GenAI tools Read More »

Reducing credential complexity with identity federation

authentication, credentials, cybersecurity, Descope, Don't miss, Features, Hot stuff, identity management, News, opinion, SSO / SecurityTicks

Reducing credential complexity with identity federation 2024-10-01 at 07:01 By Mirko Zorz In this Help Net Security interview, Omer Cohen, Chief Security Officer at Descope, discusses the impact of identity federation on organizational security and user experience. He explains how this approach streamlines credential management and enhances security by leveraging trusted identity providers while simplifying

React to this headline:

Reducing credential complexity with identity federation Read More »

The most common authentication method is also the least secure

authentication, cyber risk, cybersecurity, News, passwords, report, survey, Yubico / SecurityTicks

The most common authentication method is also the least secure 2024-09-30 at 06:01 By Help Net Security Despite the rise in cyber threats, many people do not have a holistic view of security, according to Yubico. The results of the survey uncovered concerning patterns and behaviors when it comes to personal and workplace cybersecurity, including

React to this headline:

The most common authentication method is also the least secure Read More »

3 tips for securing IoT devices in a connected world

access control, authentication, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, identity management, IoT, News, opinion, tips, WatchGuard / SecurityTicks

3 tips for securing IoT devices in a connected world 2024-09-27 at 08:01 By Help Net Security IoT devices have become integral to how many organizations operate. From Smart TVs in conference rooms to connected sensors and wireless security cameras, these connected devices are now a fixture in the modern workplace. They also, however, present

React to this headline:

3 tips for securing IoT devices in a connected world Read More »

Securing non-human identities: Why fragmented strategies fail

authentication, Cloud Security Alliance, cybersecurity, Don't miss, Features, Hot stuff, identity, News, Non Human Identities, opinion, strategy / SecurityTicks

Securing non-human identities: Why fragmented strategies fail 2024-09-25 at 07:31 By Mirko Zorz In this Help Net Security interview, John Yeoh, Global VP of Research at CSA, discusses the growing security challenges posed by non-human identities (NHIs). With NHIs now outnumbering human identities by 20 to 1, organizations are struggling to secure these digital entities

React to this headline:

Securing non-human identities: Why fragmented strategies fail Read More »

How to detect and stop bot activity

access management, authentication, bot, cybersecurity, device fingerprinting, Don't miss, Expert analysis, Expert corner, Fingerprint, Hot stuff, News, opinion, strategy / SecurityTicks

How to detect and stop bot activity 2024-09-20 at 07:46 By Help Net Security Bad bot traffic continues to rise year-over-year, accounting for nearly a third of all internet traffic in 2023. Bad bots access sensitive data, perpetrate fraud, steal proprietary information, and degrade site performance. New technologies are enabling fraudsters to strike faster and

React to this headline:

How to detect and stop bot activity Read More »

Authentik: Open-source identity provider

authentication, Don't miss, GitHub, Hot stuff, News, open source, software / SecurityTicks

Authentik: Open-source identity provider 2024-08-16 at 07:01 By Mirko Zorz Authentik is an open-source identity provider designed for maximum flexibility and adaptability. It easily integrates into existing environments and supports new protocols. It’s a comprehensive solution for implementing features like sign-up, account recovery, and more in your application, eliminating the need to manage these tasks

React to this headline:

Authentik: Open-source identity provider Read More »

How passkeys eliminate password management headaches

authentication, cybersecurity, Don't miss, Features, Hot stuff, Industry news, opinion, passwords, rf IDEAS, SSO, standards / SecurityTicks

How passkeys eliminate password management headaches 2024-08-15 at 07:01 By Mirko Zorz In this Help Net Security interview, David Cottingham, President at rf IDEAS, discusses the key benefits organizations can expect when implementing passkeys. Cottingham addresses the misconceptions surrounding the adoption of passkeys, particularly in the B2B landscape. What are the key benefits that organizations

React to this headline:

How passkeys eliminate password management headaches Read More »

Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200)

0-day, authentication, Don't miss, Hot stuff, Microsoft 365, MS Office, News, PrivSec / SecurityTicks

Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200) 2024-08-12 at 13:31 By Zeljka Zorz A new MS Office zero-day vulnerability (CVE-2024-38200) can be exploited by attackers to grab users’ NTLM hashes, Microsoft has shared late last week. The vulnerability is exploitable remotely and requires no special privileges or user interaction to be

React to this headline:

Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200) Read More »

AI-generated deepfake attacks force companies to reassess cybersecurity

Artificial Intelligence, authentication, deepfakes, GetApp, News, report, survey, threat / SecurityTicks

AI-generated deepfake attacks force companies to reassess cybersecurity 2024-07-26 at 07:31 By Help Net Security As AI-generated deepfake attacks and identity fraud become more prevalent, companies are developing response plans to address these threats, according to GetApp. In fact, 73% of US respondents report that their organization has developed a deepfake response plan. This concern

React to this headline:

AI-generated deepfake attacks force companies to reassess cybersecurity Read More »

Fighting AI-powered synthetic ID fraud with AI

Artificial Intelligence, authentication, AuthenticID, biometrics, Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, fraud, Hot stuff, identity, identity verification, News, opinion / SecurityTicks

Fighting AI-powered synthetic ID fraud with AI 2024-07-18 at 07:31 By Help Net Security Aided by the emergence of generative artificial intelligence models, synthetic identity fraud has skyrocketed, and now accounts for a staggering 85% of all identity fraud cases. For security professionals, the challenge lies in staying one step ahead of these evolving threats.

React to this headline:

Fighting AI-powered synthetic ID fraud with AI Read More »

Overlooked essentials: API security best practices

access control, Akto, API security, authentication, cybersecurity, Don't miss, Encryption, Features, Hot stuff, News, opinion, policy / SecurityTicks

Overlooked essentials: API security best practices 2024-07-17 at 07:31 By Mirko Zorz In this Help Net Security, Ankita Gupta, CEO at Akto, discusses API security best practices, advocating for authentication protocols like OAuth 2.0 and OpenID Connect, strict HTTPS encryption, and the use of JWTs for stateless authentication. Gupta recommends role-based access control (RBAC) and

React to this headline:

Overlooked essentials: API security best practices Read More »

Using Authy? Beware of impending phishing attempts

2FA, API security, authentication, CCC, cloud security, Data leak, Don't miss, Hot stuff, MFA, News, phishing, Twilio / SecurityTicks

Using Authy? Beware of impending phishing attempts 2024-07-11 at 15:46 By Zeljka Zorz Do you use Authy for your multi-factor authentication needs? If you do, you should keep an eye out for phishing attempts, as well as implement defenses against SIM swapping attacks. What happened? On July 1, Twilio – the company that develops the

React to this headline:

Using Authy? Beware of impending phishing attempts Read More »

Google removes enrollment barrier for prospective Advanced Protection Program users

account protection, authentication, Don't miss, Google, Hot stuff, News, passwordless / SecurityTicks

Google removes enrollment barrier for prospective Advanced Protection Program users 2024-07-10 at 14:01 By Zeljka Zorz Google has removed a potential obstacle for high-risk users who want to enroll in the company’s Advanced Protection Program (APP): they can now do it just by setting a passkey. Users already enrolled in APP have been provided the

React to this headline:

Google removes enrollment barrier for prospective Advanced Protection Program users Read More »

Product showcase: Protect digital identities with Swissbit’s iShield Key Pro

authentication, Compliance, cybersecurity, Don't miss, Hot stuff, identity, News, Swissbit, Token / SecurityTicks

Product showcase: Protect digital identities with Swissbit’s iShield Key Pro 2024-07-01 at 07:01 By Help Net Security In today’s fast-paced business world, protecting digital identities and optimizing daily workflows are crucial. The iShield Key Pro series from Swissbit addresses these challenges by offering top-notch security combined with effortless usability. Let’s delve into how the iShield

React to this headline:

Product showcase: Protect digital identities with Swissbit’s iShield Key Pro Read More »

From passwords to passkeys: Enhancing security and user satisfaction

authentication, Compliance, credentials, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, passwordless, passwords, regulation, Stytch / SecurityTicks

From passwords to passkeys: Enhancing security and user satisfaction 2024-06-20 at 07:01 By Mirko Zorz In this Help Net Security interview, Julianna Lamb, Stytch CTO, discusses the advantages of passwordless authentication. Eliminating passwords reduces data breaches and improves user experience by simplifying the login process. Lamb also addresses the technical challenges and economic implications of

React to this headline:

From passwords to passkeys: Enhancing security and user satisfaction Read More »

Preparing for a post-quantum future

authentication, automation, certificates, cybersecurity, Don't miss, Encryption, Hot stuff, identity, Privacy, quantum computing, Venafi, Video / SecurityTicks

Preparing for a post-quantum future 2024-06-18 at 06:31 By Help Net Security Post-quantum cryptography (PQC) is a hot topic. A recent paper from Tsinghua University raised doubts about lattice-based cryptography for PQC, though an error was found. This has sparked questions about the strength of soon-to-be-standardized PQC algorithms. In this Help Net Security video, Kevin

React to this headline:

Preparing for a post-quantum future Read More »